SneakyDave
Well-known member
Is this the low risk vulnerability patched a month ago?
Oh, I guess it was.
Oh, I guess it was.
Security Concern - TapaTalk
- Thread starter Adam Howard
- Start date
TPerry
Well-known member
I am assuming so.... I was a little short on a post with them there about their roll it into existing code and not notifying the tapatalk associated forum owners (heck they already send you email blasts about other crud). Got a response pretty quickly back from Winter advising the typical mumbo-jumbo but stating that they would be notifying the forum owners via email.
They locked the thread about this on the Tapatalk forum. That's fairly disrespectful to forum owners, in my opinion, particularly since no announcement has been made yet.
"We have this admitted vulnerability. We silently patched against it by updating the addon, but since we didn't want to own the issue or get any publicity for it, we didn't bother to let anyone know that we updated the published files."
The word irresponsible comes to mind.
"We have this admitted vulnerability. We silently patched against it by updating the addon, but since we didn't want to own the issue or get any publicity for it, we didn't bother to let anyone know that we updated the published files."
The word irresponsible comes to mind.
DaveM
Well-known member
Well I was lucky in this as well once the members heard of the security risk to the forum they agreed it must be removed. They were disappointed though but understood
Yeah so low risk that it compromised my server
Source - http://www.securelist.com/en/advisories/58348
My phone was infected and they got some of my private information
SneakyDave
Well-known member
Yeah so low risk that it compromised my server
Source - http://www.securelist.com/en/advisories/58348
My phone was infected and they got some of my private information
Then that security advisory should be changed from "Less Critical"
JamesBrown
Well-known member
When I'm browsing on a smartphone I always try and avoid those things like tapatalk and mobile skins. These days I find they are just not necessary and I'd rather browse sites normally even if it involves plenty of pinching and scrolling, the experience is always better
Last edited:
and you're just getting around to fixing/announcing it now!?
MattW
Well-known member
Me either. Best thing I did was remove it from my site.
wickedstangs
Well-known member
My Members can't be without it... 
FredC
Well-known member
That is a predicament i am happy to not be in.. I had about 40 tapatalk users at best and lost some of them but most adapted..
Alpha1
Well-known member
Are your members registering trough tapatalk?
Are your members uploading attachments to tapatalk?
If the answer is yes, then you you are dependent upon Tapatalk. Your dependency will only grow.
What happens once they start charging you a lot for Tapatalk on your site?
TPerry
Well-known member
Don't know about him.. but currently all registrations are through the forum and no remote hosting of photos on any of my forums.
wrx1
Active member
Tapatalk is just BS. I uninstalled tapatalk on May 2nd, so how the hell am I getting users and ad impressions when it is not even installed on my site??
And if I was running Tapatalk, at no point would I EVER consider their numbers correct. I am still generating ad impressions on a system that is not even installed.
Best thing I did was remove it. I found out here that there is the security issue. I still have not received a email about it. They are just criminals at this point.
Russ
DRE
Well-known member
updated. Thanks @Adam Howard
